>At the risk of losing the interest of everyone except Paul, Marcus, and me
>(and even *that* may be a stretch! :-))
Naw, I enjoy it too.
>I want to make a case for plugs.
>Plugs are in the same category as circuit gateways, right?
>Circuits with
>well-configured routers is what they were doing at Bell Labs,
Do you mean they were implemented using a router, or they
were implemented in conjunction with a router (filter) ?
>We would still agree, wouldn't we (for some value of "we") that there are
>some safe Internet services where examining the data is fruitless?
No. (Though, I don't know if I'm a member of the intended set
"we"). I don't know of one protocol that hasn't had an exploitable
client-side hole.
But, in many cases the assumption is most of the clients are
"safe" and/or you don't know what exploit to look for, so you
can't code around it anyway. I suppose the problem becomes
that when the exploit is later found, you then have to be able to
implement the full proxy, and the culture change may be
difficult.
Ryan
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
